Wouldn't then a hash of your email also identify you as a person? The companies can still build a profile of you if they just agree to use the same hashing function :/
Or even if ShadyAdtechCo just knows what the hashing function is, and has a list of plaintext email addresses to test against – perhaps obtained from one of the datasets they're joining against, or even from crawling the web.
If you mean a static salt, that could help mitigate against hacks (if the attacker has access to the database but not the code), but where adtech is concerned it's probably more realistic to assume that the datasets they're using were disclosed willingly. If you mean using a different salt for each address, that could work for some use cases, but it wouldn't work for the use case described in the blog post, since Touch Surgery needs to be able to lookup whether a given address is in the database (to see whether they've previously declined an invitation).
It's really no problem to do this. We're using a variation on this: https://unix.stackexchange.com/questions/158400/etc-shadow-h.... The output of crypt (where the input is an email address) is pretty useless if we did suffer a data breach. They'd have to hash every known email address with that salt in order to figure out who had declined an invite from us.
Couldn't the salt be unique to the requesting account? I would assume that just because a user declined an invitation from one user, they still might want to accept an invitation from a separate user.
Article 79 says that each data subject that considers that their rights under GDPR have been violated by a controller or processor has the right to an effective judicial remedy, which may be brought before a court in either the Member State where the data subject resides, or where the controller or processor has an establishment.
This is distinct from administrative and non-judicial remedies.
Is it possible to rebind the caps lock key? That's the only reason why I have Karabiner-Elements installed, using the caps lock key for delete_forward is the best thing ever.
Remapping the caps lock key to the delete key (delete the character in front of the cursor) has been a great productivity boost for me. Below is the karabiner.json file that I'm using for this:
Interesting. Remapping it to Control is the greatest help for me because most Mac programs support basic Emacs keybindings. Using Ctrl a or e to go to the end of line is much easier than pressing Fn.
To be fair, JavaScript started out as a language that looks like Java.
"JavaScript was designed with Java's syntax and standard library in mind. In particular, all Java keywords were reserved in original JavaScript, JavaScript's standard library follows Java's naming conventions, and JavaScript's Math and Date objects are based on classes from Java 1.0" -- http://en.wikipedia.org/wiki/JavaScript#JavaScript_and_Java
That cherry picking you just made just completely reversed what was actually said in that article:
"A common misconception is that JavaScript is similar or closely related to Java. It is true that both have a C-like syntax (the C language being their most immediate common ancestor language). They also are both typically sandboxed (when used inside a browser), and JavaScript was designed with Java's syntax and standard library in mind. In particular, all Java keywords were reserved in original JavaScript, JavaScript's standard library follows Java's naming conventions, and JavaScript's Math and Date objects are based on classes from Java 1.0,[116] but the similarities end there.
The differences between the two languages are more prominent than their similarities. Java has static typing, while JavaScript's typing is dynamic. Java is loaded from compiled bytecode, while JavaScript is loaded as human-readable source code. Java's objects are class-based, while JavaScript's are prototype-based. Finally, Java did not support functional programming until Java 8, while JavaScript does, as it contains many features based on Scheme."
Aye, I did cherry pick a bit, sorry about that. But still, if you go to Brendan Eich's wiki page [0], it says that he wanted to put Scheme in the browser, but was commissioned to create a language that resembled Java instead. I guess he ended up doing a little bit of both :)
By law, foreigners should not have a lower salary. When a company sponsor an employee for a visa, the salary is one of the criteria to check for the immigration. They should/have to make sure it match the average salary in the office location. So, if the office is in Boulder, CO instead of San Francisco then it's ok to not pay your employee $100k+.
But a least 4 of the top 10 companies sponsoring for visas in the US are playing very dirty[1][2][3][4] and pay there employee a lot less than they should.
And for what it's worth, most of this companies, now in trouble, are:
- Exploiting cheap labor from India.
- Compromising career and future opportunity of the employee they sponsor
- Affecting thousands of other visa applicants workers who want to move to the US and can't due to the illegal practice of those companies.
tldr; turnover of visa holders vs. non-visa holders should be used as the metric more than wages. Significantly lower turnover of visa holders suggests they're being exploited since those who can quit and find another job do.
But this doesn't work. For many people on H1B's the visa and greencard sponsoring has tremendous value. The do depress wages, but it's because of the risk around the visas.
If you have an H1B, you're less likely to work at startups -- if the company goes bust and you need to find a job fast, you're at tremendous risk of needing to leave the US. You have 4-5 weeks to get a new job, but it has to start by then. Thinking about how long interview cycles can be at some companies, 4 weeks from application to start date is challenging.
Also, people getting sponsored are much less likely to leave. This should be the real metric for evaluation -- turnover. If you're on a visa, especially if you're getting sponsored for a green card, you're much less likely to quit and go to another company. You can get hired at a competitive salary, but over a few years and a few promotions you can be underpaid.
To completely stereotype, I used to work with a ton of these guys at Amazon -- they're all in line for Green Cards and will not consider quitting or even complaining about things until they get it. The turnover among non-visa people is much higher.
You're less likely to get a H1B at a startup yes but it's not for the reasons you think.
For a company to apply to a H1B visa they have to prove they have enough financial assets to not get bust.
There are however several reasons why startups are not sponsoring H1B visas as much as they should:
-It's time consuming. It really takes a lot of time, most of the immigration law firm are not startup friendly and are using old schools forms and stuff.
- They are not educated on visas sponsoring. They just don't know what it takes and stuff.
Don't forget that currently H1-B applications exceed the quota, which means you can only hire H1Bs in October, if you sponsor them the April before, if they get through the lottery (~50% chance). So your hire turns into a maybe-hire-in-six-months.
LCA declarations filed for H1B does have salary data. It is there to stop people from exploiting immigrant workers. At least that is the official stance.
I am not sure how accurate the numbers are but this site seems to have extracted info from the H1B applications:
http://redbus2us.com/h1b-visa-sponsors/
searchable by city.
Looking up menlo park tells me, FB was the largest sponsor with median salary of 133k.
Many, many Indians come in on L1/B1/tourism visa and work completely illegally.Or may be politely asked to return a bit of money on coming back to India.
Another thing that I really enjoy about working remotely is not having to deal with people as much... Talking to computers is so much easier than talking to people :)
There is also a third option: freelancing. This way you can keep programming, with only a moderate amount of "management" (finding new projects to work on/dealing with clients).
Unless part of his agreements with Zenimax required him to provide all necessary assistance and documentation so that they can patent his work, which many agreements do...
Also, they may own it as a trade secret rather than as a patented process. Or, further, it's possible that code that John is working on now is a derivative work of code owned by Zenimax. We won't know until the facts come out.
Check out phk's fosdem talk[0]. I've linked to the the part where he talks about openSSL, but I'd suggest watching the whole thing. I'm now starting to believe the talk wasn't a joke at all...
I was there at the talk and while he put a humorous spin on it by playing the part of a NSA agent, it's also extremely insightful to see it from that point of view. And yeah, when you really think about it... OpenSSL is the NSA's playtoy.
Of course, there's no way to prove that. But really, does it matter? Whether the NSA is behind OpenSSL sucking or not... we have to assume they know of several backdoors/exploits, and the OpenSSL API still sucks and prevents people from doing productive crypto.
